News

The Hacker News16h

Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, ...

Beyond The Bundle: Strategic JavaScript Optimization For High-Performance React Apps

Beyond the usual quick tips, let's look at both the business case and the technical side of keeping React bundles lean.
InfoWorld5d

Wave of npm supply chain attacks exposes thousands of enterprise developer credentials

Attacks on the NX build system and React packages highlight escalating threats to enterprise software development pipelines.
Security Boulevard18d

The Hallucinated Package Attack: Slopsquatting

This isn’t just a niche academic concern. Slopsquatting represents a scalable, low-cost attack surface that exploits a ...
Cyber Security Intelligence4d

Malicious Packages Discovered On npm Targeting Chrome User Data

Unsecured platforms can be susceptible to malicious actors inserting harmful packages to exploit unsuspecting users.
The Hacker News8d

⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More

Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that could be exploited to steal account credentials, two-factor authentication ...